<?php
	include "layout.php";
	
	if (isset($_POST["submit"])) {
		extract($_POST);
		if (!isset($fname) || !isset($lname) || !isset($password) || $fname == "" || $lname == "" || $password == "") {
			echo <<<Error
			<script>
				alert("Error: One or more of the fields are missing. Please try again.");
				window.location="index.php";
			</script>
Error;
		}
		else {
			$users = mysql_query("SELECT * FROM cust WHERE Cust_FirstName = '{$fname}' AND Cust_LastName = '{$lname}' AND Cust_PW = '{$password}'");
			$count = mysql_num_rows($users);
			if ($count == 0) {
				echo <<<Error
				<script>
					alert("Error: One or more of the fields are incorrect. Please try again.");
					window.location="index.php";
				</script>
Error;
			}
			else {
				$user = mysql_fetch_array($users);
				extract($user);
				$_SESSION["id"] = $Cust_ID;
				$name = $Cust_FirstName . " " . $Cust_LastName;
				echo <<<Success
				<script>
					alert("Hello {$name}! Welcome to the BDPA-NY Vending Machine Application!");
					window.location="main.php";
				</script>
Success;
			}
		}
	}
	else {
		header("Location: index.php");
	}